Migrate vault passwords to GCM #547

SailReal · 2024-08-13T13:15:23Z

This pull request introduces a security enhancement by changing how vault passwords and cloud credentials are encrypted. Starting with this PR, new vault passwords and cloud credentials will be encrypted using AES with 256 bit key length GCM with biometric authentication.

Key Changes

New: AES with 256 bit key length GCM (Galois/Counter Mode) is now used for encrypting vault passwords and cloud credentials.
Old: Previously, AES with 256 bit key length CBC (Cipher Block Chaining) was used.
New/Old: The encryption key is securely stored in the Android Keystore and the data in the internal storage, which is both accessible only to this app thanks to Android's sandbox model.
Existing cloud credentials will be migrated silently when the updated app is firstly opened.
Existing vault passwords will be migrated to the new format. Users can opt out of this migration, but in doing so, the vault passwords will be dropped to ensure consistency and security.

Security Considerations

AES with 256-bit Key Length CBC Limitations:
- While this is a robust encryption standard and was adequately secure within the confines of Android’s sandbox model, it lacks the built-in data integrity checks that GCM provides.
- The main risk associated with CBC mode is its susceptibility to padding oracle attacks when improperly implemented. However, in our previous implementation, this risk was mitigated by the app's design, where both the encryption key and data were securely stored in the app's internal memory, isolated by Android’s sandboxing. Additionally, the export mechanism has been disabled for this app, which means attacking involves breaking the Android sandbox model first.

Conclusion

This PR enhances our application's security posture by transitioning to a more robust encryption method. The switch to AES with 256 bit key length GCM aligns with industry best practices for data encryption and integrity, providing our users with stronger protection for their sensitive information. The previous implementation, while secure within the Android ecosystem, has been improved upon to meet evolving security standards.

…e same Activity

coderabbitai · 2024-08-13T13:15:48Z

Walkthrough

The recent changes significantly enhance the application's database management and cryptographic capabilities. This includes an upgrade from version 12 to 13 of the database schema, introducing robust testing to ensure data integrity during transitions. New features for managing vault passwords with varying encryption modes (CBC and GCM) improve security practices and streamline user authentication, ultimately enriching the user experience and maintaining the application's integrity.

Changes

Files	Change Summary
`data/build.gradle`	Updated `schemaVersion` from 12 to 13 to signify database changes.
`data/src/androidTest/java/...`	Added `upgrade12To13` test method to validate the database upgrade, incorporating new encryption logic for sensitive data.
`data/src/main/java/...`	Enhanced `DatabaseUpgrades` to include new upgrade functionality. Implemented `Upgrade12To13` for migrating to the new schema.
`data/src/main/java/...`	Introduced new class `Upgrade12To13.kt` for the database upgrade process, including methods for altering table structures and handling encryption modes.
`data/src/main/java/...`	Modified `CloudEntityMapper` to reflect changes in how cloud storage URIs are represented, enhancing data conversion methods.
`domain/src/main/java/...`	Introduced `ListCBCEncryptedPasswordVaults` use case for managing CBC vaults. Refactored `RemoveStoredVaultPasswords` to streamline password management.
`presentation/src/main/...`	Enhanced presenters to include new use cases for vault management and updated methods to handle password encryption modes.
`presentation/src/main/res/...`	Added new dialog and string resources for user interactions regarding vault migrations and biometric authentication.
`util/src/main/java/...`	Introduced `CryptoMode` enum and utility methods for cryptographic byte array handling. Refactored cryptographic classes for improved flexibility and security.
`util/src/androidTest/java/...`	Updated tests for `CredentialCryptor` and `KeyStoreBuilder` to utilize parameterized testing for various cryptographic modes.

🐇 Hopping through the code with glee,
New features abound, oh what a spree!
Vaults secure, with modes we can choose,
CBC or GCM, no data to lose!
Biometric bliss, passwords take flight,
In this land of encryption, all feels right! 🥕✨

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

Tips

Chat

There are 3 ways to chat with CodeRabbit:

Review comments: Directly reply to a review comment made by CodeRabbit. Example:
- I pushed a fix in commit <commit_id>.
- Generate unit testing code for this file.
- Open a follow-up GitHub issue for this discussion.
Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
- @coderabbitai generate unit testing code for this file.
- @coderabbitai modularize this function.
PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
- @coderabbitai generate interesting stats about this repository and render them as a table.
- @coderabbitai show all the console.log statements in this repository.
- @coderabbitai read src/utils.ts and generate unit testing code.
- @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
- @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

@coderabbitai pause to pause the reviews on a PR.
@coderabbitai resume to resume the paused reviews.
@coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
@coderabbitai full review to do a full review from scratch and review all the files again.
@coderabbitai summary to regenerate the summary of the PR.
@coderabbitai resolve resolve all the CodeRabbit review comments.
@coderabbitai configuration to show the current CodeRabbit configuration for the repository.
@coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configuration File (`.coderabbit.yaml`)

You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
Please see the configuration documentation for more information.
If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

Visit our Documentation for detailed information on how to use CodeRabbit.
Join our Discord Community to get help, request features, and share feedback.
Follow us on X/Twitter for updates and announcements.

coderabbitai

Actionable comments posted: 2

Outside diff range, codebase verification and nitpick comments (14)

util/src/main/java/org/cryptomator/util/crypto/CryptoByteArrayUtils.java (1)
5-9: Ensure explicit checks for byte array lengths before calling getBytes.

The getBytes method in BaseCipher.java and BiometricAuthCryptor.java is used without explicit checks to ensure encryptedBytesWithIv.length > ivLength. This could lead to potential ArrayIndexOutOfBoundsException. Please verify and add necessary checks to ensure the length condition is met before these calls.

BaseCipher.java

BiometricAuthCryptor.java

Analysis chain

Ensure correct handling of byte array lengths.

The getBytes method assumes that encryptedBytesWithIv is always longer than ivLength. Ensure that this assumption holds true in all cases where this method is called to avoid ArrayIndexOutOfBoundsException.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify that all calls to `getBytes` ensure `encryptedBytesWithIv.length > ivLength`.

# Test: Search for the function usage. Expect: Calls ensure the length condition.
rg --type java -A 2 $'getBytes('
Length of output: 102

Script:
#!/bin/bash
# Description: Verify that all calls to `getBytes` ensure `encryptedBytesWithIv.length > ivLength`.

# Test: Search for the function usage. Expect: Calls ensure the length condition.
rg --type java -A 2 'getBytes\('
Length of output: 2998

Script:
#!/bin/bash
# Extract more context around the calls to `getBytes` in `BaseCipher.java` and `BiometricAuthCryptor.java` to verify if the length condition is checked.

# Search for `getBytes` usage in `BaseCipher.java` with more context.
rg --type java -A 5 -B 5 'CryptoByteArrayUtils\.getBytes\(' util/src/main/java/org/cryptomator/util/crypto/BaseCipher.java

# Search for `getBytes` usage in `BiometricAuthCryptor.java` with more context.
rg --type java -A 5 -B 5 'CryptoByteArrayUtils\.getBytes\(' util/src/main/java/org/cryptomator/util/crypto/BiometricAuthCryptor.java
Length of output: 1252
presentation/src/main/res/layout/dialog_cbc_password_vaults_migration.xml (1)
6-16: Consider using ConstraintLayout for better performance.

While RelativeLayout is functional, ConstraintLayout is more efficient and flexible for complex layouts. Consider using ConstraintLayout if you plan to expand this layout in the future.
<androidx.constraintlayout.widget.ConstraintLayout
	android:layout_width="match_parent"
	android:layout_height="match_parent"
	android:padding="@dimen/activity_vertical_margin">

	<TextView
		android:layout_width="wrap_content"
		android:layout_height="wrap_content"
		android:text="@string/dialog_cbc_password_vaults_migration_hint"
		android:layout_constraintTop_toTopOf="parent"
		android:layout_constraintStart_toStartOf="parent" />

</androidx.constraintlayout.widget.ConstraintLayout>
presentation/src/main/java/org/cryptomator/presentation/ui/activity/view/VaultListView.kt (1)

21-21: Document the new method migrateCBCEncryptedPasswordVaults.

The addition of migrateCBCEncryptedPasswordVaults expands the interface's capabilities. Ensure that this method is well-documented, especially regarding its role in handling CBC-encrypted vaults, to guide implementers.
presentation/src/main/java/org/cryptomator/presentation/ui/dialog/CBCPasswordVaultsMigrationDialog.kt (3)
12-13: Consider adding documentation for the class.

Adding a brief comment explaining the purpose of the CBCPasswordVaultsMigrationDialog class would improve code readability and maintainability.
/**
 * Dialog for migrating CBC password vaults.
 */
15-20: Document the Callback interface.

Providing documentation for the Callback interface methods would clarify their purpose and usage.
interface Callback {
    /**
     * Called when the migration action is confirmed.
     */
    fun onCBCPasswordVaultsMigrationClicked(cbcVaults: List<Vault>)

    /**
     * Called when the migration action is rejected.
     */
    fun onCBCPasswordVaultsMigrationRejected(cbcVaults: List<Vault>)
}
31-33: Clarify the purpose of the setupView method.

The setupView method is currently empty. If no additional setup is required, consider adding a comment to explain its presence.
override fun setupView() {
    // No additional view setup required.
}
data/src/main/java/org/cryptomator/data/db/mappers/VaultEntityMapper.java (1)
33-33: Enhance documentation for withSavedPassword.

The addition of cryptoModeFrom(entity) in withSavedPassword enhances the handling of cryptographic modes. Consider documenting this change to clarify its purpose and usage.
+ // Handles different cryptographic modes for passwords
data/src/main/java/org/cryptomator/data/db/DatabaseUpgrades.java (1)
33-34: Document the addition of Upgrade12To13.

The constructor now includes Upgrade12To13. Ensure that this change is documented, especially any specific logic or considerations related to this upgrade path.
+ // Added support for database upgrade from version 12 to 13
util/src/main/java/org/cryptomator/util/crypto/BiometricAuthCryptor.java (1)
31-33: Clarify alias generation logic.

The getSuffixedAlias method appends "_GCM" for GCM mode but leaves CBC mode unchanged for legacy reasons. Ensure this logic is documented and understood by developers to prevent misuse.

Consider adding a comment explaining why CBC mode does not have a suffix.
// CBC does not have an alias due to legacy reasons; ensure compatibility with older systems.
data/src/main/java/org/cryptomator/data/db/entities/CloudEntity.java (1)
35-48: Ensure Usage of Parameterized Constructor in CloudEntityMapper.java

The CloudEntity class includes a parameterized constructor with new parameters accessTokenCryptoMode and s3SecretKeyCryptoMode. However, the instantiation in CloudEntityMapper.java uses the default constructor, which omits these parameters. Please verify if these parameters are required and update the instantiation to use the parameterized constructor if necessary.

Location to Review: data/src/main/java/org/cryptomator/data/db/mappers/CloudEntityMapper.java

Analysis chain

Verify constructor changes.

The constructor now includes parameters for accessTokenCryptoMode and s3SecretKeyCryptoMode. Ensure these changes are reflected in all instances where the constructor is called.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify all instantiations of CloudEntity include the new constructor parameters.

# Test: Search for CloudEntity instantiation. Expect: All instances include new parameters.
rg --type java -A 2 $'new CloudEntity'
Length of output: 384

Script:
#!/bin/bash
# Search for all constructors in the CloudEntity class to verify the presence of the parameterized constructor.
ast-grep --lang java --pattern $'class CloudEntity {
  $$$
  CloudEntity($_) {
    $$$
  }
  $$$
}'
Length of output: 100

Script:
#!/bin/bash
# Search for all instances of CloudEntity instantiation to verify if the parameterized constructor is used elsewhere.
rg --type java 'new CloudEntity'
Length of output: 150

Script:
#!/bin/bash
# Search specifically for the parameterized constructor in the CloudEntity class to confirm its presence.
rg --type java -A 5 'CloudEntity(Long id, @NotNull String type, String accessToken, String accessTokenCryptoMode, String url, String username, String webdavCertificate, String s3Bucket, String s3Region, String s3SecretKey, String s3SecretKeyCryptoMode)'
Length of output: 255

Script:
#!/bin/bash
# Use a broader search pattern to find any constructor definitions in the CloudEntity class.
rg --type java -A 10 'CloudEntity('
Length of output: 112

Script:
#!/bin/bash
# Correct the syntax and search for any constructor definitions in the CloudEntity class.
rg --type java -A 10 'CloudEntity\('
Length of output: 3564
presentation/src/main/java/org/cryptomator/presentation/util/BiometricAuthentication.kt (2)
84-84: Inconsistent Usage of CryptoMode.GCM with VaultModel.withSavedPassword

The usage of CryptoMode.GCM with VaultModel.withSavedPassword is inconsistent across the codebase. Here are the instances where different CryptoMode values are used:

BiometricAuthenticationMigration.kt uses both CryptoMode.NONE and CryptoMode.GCM.

BiometricAuthSettingsPresenter.kt uses CryptoMode.NONE, a dynamic value (tmpVault.passwordCryptoMode), and null.

UnlockVaultActivity.kt uses null.

UnlockVaultPresenter.kt and BiometricAuthentication.kt correctly use CryptoMode.GCM.

Consider reviewing these instances to ensure consistent usage of CryptoMode.GCM where appropriate.

Analysis chain

Ensure Consistent Usage of CryptoMode.GCM in VaultModel.

The withSavedPassword method now includes CryptoMode.GCM. Ensure this change is consistently applied throughout the codebase wherever VaultModel is used.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify consistent usage of CryptoMode.GCM with VaultModel.withSavedPassword.

# Test: Search for instances of withSavedPassword. Expect: All instances use CryptoMode.GCM.
rg --type kotlin -A 2 $'withSavedPassword'
Length of output: 3522
48-48: Inconsistent Usage of CryptoMode with BiometricAuthCryptor.getInstance

The BiometricAuthCryptor.getInstance method is not consistently using CryptoMode.GCM. In BiometricAuthenticationMigration.kt, the cryptoMode parameter can be set to either CryptoMode.CBC or CryptoMode.GCM, leading to potential inconsistencies in cryptographic operations.

File: presentation/src/main/java/org/cryptomator/presentation/util/BiometricAuthenticationMigration.kt

Lines: Multiple instances where cryptoMode is used with BiometricAuthCryptor.getInstance.

Consider reviewing the logic to ensure consistent and secure usage of cryptographic modes.

Analysis chain

Ensure Consistent Usage of CryptoMode.GCM.

The BiometricAuthCryptor.getInstance method now requires a CryptoMode parameter, which is set to GCM. Verify that this change is consistently applied throughout the codebase wherever BiometricAuthCryptor is instantiated.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify consistent usage of CryptoMode.GCM with BiometricAuthCryptor.getInstance.

# Test: Search for instances of BiometricAuthCryptor.getInstance. Expect: All instances use CryptoMode.GCM.
rg --type kotlin -A 2 $'BiometricAuthCryptor.getInstance'
Length of output: 1082

Script:
#!/bin/bash
# Description: Investigate the definition and assignment of `cryptoMode` in `BiometricAuthenticationMigration.kt`.

# Search for the definition and assignment of `cryptoMode` in `BiometricAuthenticationMigration.kt`.
rg --type kotlin 'cryptoMode' -A 2
Length of output: 5090
data/src/main/java/org/cryptomator/data/db/Upgrade12To13.kt (1)
15-25: Ensure transaction safety and error handling.

The internalApplyTo method correctly uses transactions to ensure atomicity. However, consider logging any exceptions that might occur during the transaction to aid in debugging.
		try {
			addCryptoModeToDbEntities(db)
			applyVaultPasswordCryptoModeToDb(db)
			upgradeCloudCryptoModeToGCM(db)
			db.setTransactionSuccessful()
		} catch (Exception e) {
			Timber.e(e, "Error during database upgrade from version %d to %d", origin, 13)
		} finally {
			db.endTransaction()
		}
data/src/main/java/org/cryptomator/data/db/entities/VaultEntity.java (1)
54-62: Initialization of VaultEntity instances is incomplete.

The VaultEntity constructor with the passwordCryptoMode parameter is not being used in the codebase. Specifically, in VaultEntityMapper.java, the entity is instantiated using a no-argument constructor, and the passwordCryptoMode field is not set. Ensure that all instances of VaultEntity are initialized with the passwordCryptoMode parameter to avoid potential issues.

data/src/main/java/org/cryptomator/data/db/mappers/VaultEntityMapper.java: Ensure passwordCryptoMode is set when creating VaultEntity.

Analysis chain

Constructor updated to include new field.

The constructor now includes passwordCryptoMode. Ensure that all instances of VaultEntity are correctly initialized with this new parameter.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify constructor updates for VaultEntity.

# Test: Ensure all instances of VaultEntity are initialized with passwordCryptoMode.
# Expect: Correct initialization of VaultEntity instances.
rg --type java -A 5 'new VaultEntity\('
Length of output: 781

Script:
#!/bin/bash
# Description: Find all instances of VaultEntity instantiation in the codebase to verify the use of passwordCryptoMode.

# Search for all occurrences of VaultEntity instantiation.
rg --type java 'new VaultEntity\('
Length of output: 152

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between e6e8d61 and 827f35d.

Files selected for processing (42)

data/build.gradle (1 hunks)
data/src/androidTest/java/org/cryptomator/data/db/UpgradeDatabaseTest.kt (2 hunks)
data/src/main/java/org/cryptomator/data/db/DatabaseUpgrades.java (2 hunks)
data/src/main/java/org/cryptomator/data/db/Sql.java (1 hunks)
data/src/main/java/org/cryptomator/data/db/Upgrade12To13.kt (1 hunks)
data/src/main/java/org/cryptomator/data/db/entities/CloudEntity.java (3 hunks)
data/src/main/java/org/cryptomator/data/db/entities/VaultEntity.java (3 hunks)
data/src/main/java/org/cryptomator/data/db/mappers/VaultEntityMapper.java (4 hunks)
domain/src/main/java/org/cryptomator/domain/Vault.java (8 hunks)
domain/src/main/java/org/cryptomator/domain/usecases/vault/ListCBCEncryptedPasswordVaults.java (1 hunks)
domain/src/main/java/org/cryptomator/domain/usecases/vault/RemoveStoredVaultPasswords.java (1 hunks)
domain/src/main/java/org/cryptomator/domain/usecases/vault/RemoveStoredVaultPasswordsAndDisableBiometricAuth.java (1 hunks)
domain/src/main/java/org/cryptomator/domain/usecases/vault/SaveVaults.java (1 hunks)
fastlane/Fastfile (7 hunks)
fastlane/README.md (1 hunks)
presentation/src/main/java/org/cryptomator/presentation/model/VaultModel.kt (2 hunks)
presentation/src/main/java/org/cryptomator/presentation/presenter/BiometricAuthSettingsPresenter.kt (4 hunks)
presentation/src/main/java/org/cryptomator/presentation/presenter/UnlockVaultPresenter.kt (6 hunks)
presentation/src/main/java/org/cryptomator/presentation/presenter/VaultListPresenter.kt (7 hunks)
presentation/src/main/java/org/cryptomator/presentation/ui/activity/UnlockVaultActivity.kt (2 hunks)
presentation/src/main/java/org/cryptomator/presentation/ui/activity/VaultListActivity.kt (5 hunks)
presentation/src/main/java/org/cryptomator/presentation/ui/activity/view/VaultListView.kt (1 hunks)
presentation/src/main/java/org/cryptomator/presentation/ui/dialog/CBCPasswordVaultsMigrationDialog.kt (1 hunks)
presentation/src/main/java/org/cryptomator/presentation/util/BiometricAuthentication.kt (2 hunks)
presentation/src/main/java/org/cryptomator/presentation/util/BiometricAuthenticationMigration.kt (1 hunks)
presentation/src/main/res/layout/dialog_cbc_password_vaults_migration.xml (1 hunks)
presentation/src/main/res/values/strings.xml (2 hunks)
presentation/src/test/java/org/cryptomator/presentation/presenter/VaultListPresenterTest.java (3 hunks)
util/src/androidTest/java/org/cryptomator/util/CredentialCryptorTest.java (1 hunks)
util/src/androidTest/java/org/cryptomator/util/KeyStoreBuilderTest.java (2 hunks)
util/src/main/java/org/cryptomator/util/crypto/BaseCipher.java (4 hunks)
util/src/main/java/org/cryptomator/util/crypto/BiometricAuthCryptor.java (2 hunks)
util/src/main/java/org/cryptomator/util/crypto/CipherCBC.java (1 hunks)
util/src/main/java/org/cryptomator/util/crypto/CipherGCM.java (1 hunks)
util/src/main/java/org/cryptomator/util/crypto/CredentialCryptor.java (1 hunks)
util/src/main/java/org/cryptomator/util/crypto/CryptoByteArrayUtils.java (1 hunks)
util/src/main/java/org/cryptomator/util/crypto/CryptoMode.java (1 hunks)
util/src/main/java/org/cryptomator/util/crypto/CryptoOperations.java (1 hunks)
util/src/main/java/org/cryptomator/util/crypto/CryptoOperationsCBC.java (2 hunks)
util/src/main/java/org/cryptomator/util/crypto/CryptoOperationsFactory.java (1 hunks)
util/src/main/java/org/cryptomator/util/crypto/CryptoOperationsGCM.java (1 hunks)
util/src/main/java/org/cryptomator/util/crypto/KeyStoreBuilder.java (3 hunks)

Files skipped from review due to trivial changes (2)

fastlane/README.md
util/src/main/java/org/cryptomator/util/crypto/CryptoMode.java

Additional comments not posted (98)

util/src/main/java/org/cryptomator/util/crypto/CryptoOperations.java (1)
10-11: Verify constant values.

Ensure that KeyStoreBuilder.DEFAULT_KEYSTORE_NAME and KeyProperties.KEY_ALGORITHM_AES are correctly defined and used. This centralization improves maintainability.

Verification successful

Constants are correctly defined and used.

DEFAULT_KEYSTORE_NAME is defined as "AndroidKeyStore" in KeyStoreBuilder.java.

KEY_ALGORITHM_AES is imported from android.security.keystore.KeyProperties.

Both constants are appropriately used in the codebase, ensuring maintainability.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify the definitions of DEFAULT_KEYSTORE_NAME and KEY_ALGORITHM_AES.

# Test: Search for DEFAULT_KEYSTORE_NAME definition. Expect: Correct definition.
rg --type java --word-regex 'DEFAULT_KEYSTORE_NAME'

# Test: Search for KEY_ALGORITHM_AES definition. Expect: Correct definition.
rg --type java --word-regex 'KEY_ALGORITHM_AES'
Length of output: 987

Script:
#!/bin/bash
# Description: Verify the definitions of DEFAULT_KEYSTORE_NAME and KEY_ALGORITHM_AES.

# Test: Search for DEFAULT_KEYSTORE_NAME definition. Expect: Correct definition.
rg --type java --word-regexp 'DEFAULT_KEYSTORE_NAME'

# Test: Search for KEY_ALGORITHM_AES definition. Expect: Correct definition.
rg --type java --word-regexp 'KEY_ALGORITHM_AES'
Length of output: 765

Script:
#!/bin/bash
# Description: Search for the definition of KEY_ALGORITHM_AES.

# Test: Search for KEY_ALGORITHM_AES definition in all files.
rg 'KEY_ALGORITHM_AES'
Length of output: 155

Script:
#!/bin/bash
# Description: List imports in CryptoOperations.java to verify the source of KEY_ALGORITHM_AES.

# Test: List all import statements in CryptoOperations.java.
rg '^import ' util/src/main/java/org/cryptomator/util/crypto/CryptoOperations.java
Length of output: 195
util/src/main/java/org/cryptomator/util/crypto/CipherCBC.java (2)

10-12: Constructor correctness.

The constructor initializes the BaseCipher with the correct parameters for CBC mode. Ensure that BaseCipher supports these parameters.

14-17: Correct implementation of getIvParameterSpec.

The method correctly returns an IvParameterSpec for CBC mode. This is essential for initializing the cipher with the correct IV.

util/src/main/java/org/cryptomator/util/crypto/CipherGCM.java (2)

12-14: Constructor correctness.

The constructor initializes the BaseCipher with the correct parameters for GCM mode. Ensure that BaseCipher supports these parameters.

16-19: Correct implementation of getIvParameterSpec.

The method correctly returns a GCMParameterSpec for GCM mode with a tag length of 128 bits. This is essential for initializing the cipher with the correct IV and authentication tag length.
util/src/main/java/org/cryptomator/util/crypto/CryptoOperationsFactory.java (1)
8-26: Ensure thread safety with double-checked locking.

The double-checked locking pattern is correctly implemented here. However, ensure that CryptoOperationsCBC and CryptoOperationsGCM are immutable or effectively immutable to maintain thread safety.

Verification successful

Classes CryptoOperationsCBC and CryptoOperationsGCM are effectively immutable.

Both classes use static final fields and do not modify their state in the provided methods, aligning with immutability requirements for thread safety. No further action is needed.

CryptoOperationsCBC: Uses static final fields and no state-modifying methods.

CryptoOperationsGCM: Uses static final fields and no state-modifying methods.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify immutability of `CryptoOperationsCBC` and `CryptoOperationsGCM`.

# Test: Search for the class definitions and ensure they are immutable.
ast-grep --lang java --pattern $'class CryptoOperationsCBC {
  $$$
}'

ast-grep --lang java --pattern $'class CryptoOperationsGCM {
  $$$
}'
Length of output: 141

Script:
#!/bin/bash
# Locate the class definitions for CryptoOperationsCBC and CryptoOperationsGCM
# and print the class details to inspect for immutability.

# Find and print the class definition for CryptoOperationsCBC
fd -e java -x gawk '/class CryptoOperationsCBC/,/}/' {}

# Find and print the class definition for CryptoOperationsGCM
fd -e java -x gawk '/class CryptoOperationsGCM/,/}/' {}
Length of output: 1482
domain/src/main/java/org/cryptomator/domain/usecases/vault/SaveVaults.java (1)

23-29: Ensure robust exception handling in execute method.

The execute method throws BackendException, which is appropriate for handling backend-related issues. Consider logging the exception or providing more context to aid in debugging.
domain/src/main/java/org/cryptomator/domain/usecases/vault/RemoveStoredVaultPasswords.java (2)
19-20: Refactoring improves clarity and focus.

The constructor refactoring simplifies dependencies, focusing directly on the vaults. Ensure that this change aligns with the overall architecture and doesn't introduce unintended side effects.

28-28: Verify the logic for removing stored passwords.

The change to withSavedPassword(null, null) suggests an adjustment in handling saved passwords. Ensure this aligns with the intended logic and doesn't affect other parts of the system.

Verification successful

Logic for Removing Stored Passwords is Consistent

The use of withSavedPassword(null, null) in the context of RemoveStoredVaultPasswords and RemoveStoredVaultPasswordsAndDisableBiometricAuth aligns with the intended logic for clearing stored passwords. This change does not appear to affect other parts of the system.

Vault.java: Defines the withSavedPassword method, setting password and crypto mode.

RemoveStoredVaultPasswords.java: Uses withSavedPassword(null, null) to clear passwords.

RemoveStoredVaultPasswordsAndDisableBiometricAuth.java: Similarly clears passwords.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify the usage of `withSavedPassword(null, null)`.

# Test: Search for the method usage. Expect: Consistent usage across the codebase.
rg --type java -A 5 $'withSavedPassword(null, null)'
Length of output: 53

Script:
#!/bin/bash
# Search for the definition of the `withSavedPassword` method to understand its implementation.
ast-grep --lang java --pattern 'withSavedPassword($_, $_) { $$$ }'

# Search for all usages of the `withSavedPassword` method to see how it is used throughout the codebase.
rg --type java 'withSavedPassword(' -A 3
Length of output: 654

Script:
#!/bin/bash
# Corrected search for the definition of the `withSavedPassword` method.
ast-grep --lang java --pattern 'method withSavedPassword($_, $_) { $$$ }'

# Corrected search for all usages of the `withSavedPassword` method.
rg --type java 'withSavedPassword\(' -A 3
Length of output: 2479
presentation/src/main/java/org/cryptomator/presentation/model/VaultModel.kt (1)

32-33: Addition of passwordCryptoMode property is appropriate.

The new passwordCryptoMode property in the VaultModel class correctly exposes the cryptographic mode of the password, aligning with the enhanced cryptographic capabilities outlined in the PR objectives.

domain/src/main/java/org/cryptomator/domain/usecases/vault/ListCBCEncryptedPasswordVaults.java (1)

1-29: Implementation of ListCBCEncryptedPasswordVaults is efficient and clear.

The new use case class effectively lists vaults with CBC encrypted passwords using streams and collectors. The structure and logic align well with the application's cryptographic enhancements.

util/src/androidTest/java/org/cryptomator/util/CredentialCryptorTest.java (1)

9-36: Parameterized testing enhances test coverage.

The introduction of parameterized tests for CredentialCryptor using different cryptographic modes (GCM and CBC) significantly improves test coverage and robustness.
util/src/androidTest/java/org/cryptomator/util/KeyStoreBuilderTest.java (4)
22-22: Use Parameterized Testing for Multiple Configurations

Switching to Parameterized testing is a good practice to test multiple configurations, such as different CryptoMode values. This enhances test coverage and ensures that the KeyStoreBuilder behaves correctly under various conditions.

29-31: Constructor Addition for Parameterized Testing

The constructor addition for CryptoMode is necessary for parameterized tests. This allows each test instance to be initialized with a different CryptoMode, ensuring comprehensive test coverage.

33-36: Data Method for Parameterized Tests

The data() method provides the necessary parameters for the tests. Using Arrays.asList to supply CryptoMode values is a straightforward approach to ensure all modes are tested.

48-48: Ensure Consistency with Method Signature Changes

The withKey method now includes cryptoMode as a parameter. Ensure that all calls to this method within the codebase are updated to match the new signature.

Verification successful

Method Signature Consistency Verified

All calls to the withKey method have been updated to include the cryptoMode parameter, ensuring consistency with the new method signature across the codebase.

KeyStoreBuilderTest.java

CredentialCryptor.java

BiometricAuthCryptor.java
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify all method calls to `withKey` match the new signature.

# Test: Search for the method usage. Expect: Only occurrences of the new signature.
rg --type java -A 5 $'withKey'
Length of output: 3424
domain/src/main/java/org/cryptomator/domain/usecases/vault/RemoveStoredVaultPasswordsAndDisableBiometricAuth.java (2)

15-16: New Use Case Class: RemoveStoredVaultPasswordsAndDisableBiometricAuth

The introduction of this use case class is a good encapsulation of the functionality to remove stored passwords and disable biometric authentication. It maintains separation of concerns and improves code organization.

30-43: Ensure Proper Exception Handling

The execute method performs critical operations that could throw BackendException. Ensure that these exceptions are handled appropriately in the calling code to prevent any unintended application behavior.

util/src/main/java/org/cryptomator/util/crypto/CredentialCryptor.java (3)

14-17: New Method for Alias Suffixing

The getSuffixedAlias method is a well-thought-out addition to handle different cryptographic modes. It ensures that keys are correctly differentiated based on the mode, which is crucial for maintaining security.

19-26: Constructor Update for CryptoMode Support

The constructor now takes CryptoMode as a parameter, allowing for more flexible cryptographic operations. This change aligns with the need for different handling based on the cryptographic mode.

30-34: Overloaded getInstance Method for CryptoMode

The overloaded getInstance method provides a way to specify the cryptographic mode during instantiation. This enhances configurability and ensures that the correct mode is used as needed.

presentation/src/main/java/org/cryptomator/presentation/ui/dialog/CBCPasswordVaultsMigrationDialog.kt (1)

22-29: Ensure proper handling of the VAULTS_ARG.

The use of requireArguments().getSerializable(VAULTS_ARG) assumes that the argument is always present and correctly typed. Consider adding error handling or validation to ensure robustness.
data/src/main/java/org/cryptomator/data/db/mappers/VaultEntityMapper.java (2)
47-49: Ensure cryptoModeFrom handles null values safely.

The method cryptoModeFrom safely handles null values by returning null if entity.getPasswordCryptoMode() is null. This is a good practice to prevent potential NullPointerException.

62-64: Verify the impact of passwordCryptoMode on persistence.

The addition of checking passwordCryptoMode before setting it in VaultEntity ensures that only non-null values are persisted. Verify that this change does not affect any existing logic related to entity persistence.

Verification successful

Verification Complete: No Impact on Persistence Logic

The addition of a null check before setting passwordCryptoMode in VaultEntity ensures that only non-null values are persisted, which is a safe and logical enhancement. This change does not adversely affect existing persistence logic or related operations.

The VaultEntityMapper handles the conversion between Vault and VaultEntity, ensuring consistency.

The VaultRepositoryImpl uses these mappers for database operations, maintaining the integrity of the data.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify the impact of `passwordCryptoMode` on persistence logic.

# Test: Search for the usage of `passwordCryptoMode` in the persistence logic.
rg --type java 'passwordCryptoMode'
Length of output: 1873

Script:
#!/bin/bash
# Description: Check where VaultEntity's passwordCryptoMode is used in database operations or service layer.

# Find all usages of VaultEntity in the codebase to see where it might be persisted or manipulated.
rg --type java 'VaultEntity'

# Check for any repository or DAO classes that might handle VaultEntity persistence.
rg --type java 'extends JpaRepository<VaultEntity,'

# Look for service classes that might use VaultEntity.
rg --type java 'VaultEntity' -A 5
Length of output: 13578
util/src/main/java/org/cryptomator/util/crypto/CryptoOperationsGCM.java (3)

16-16: Consider making CryptoOperationsGCM public if it needs to be accessed outside the package.

Currently, CryptoOperationsGCM is package-private. Ensure this is intentional and aligns with the intended usage of the class.

22-35: Ensure proper exception handling in cryptor.

The method cryptor handles several exceptions, converting them into custom exceptions. This is a good practice for maintaining abstraction and clarity in error handling.

37-57: Review security implications of initializeKeyGenerator.

The method initializeKeyGenerator sets up key generation with user authentication requirements. Ensure that the security implications of these settings, especially setUserAuthenticationRequired, are fully understood and documented.

data/src/main/java/org/cryptomator/data/db/DatabaseUpgrades.java (1)

49-50: Verify the correctness of the upgrade path integration.

The integration of upgrade12To13 in the defineUpgrades method should be verified to ensure it correctly fits into the upgrade path logic. Check for any potential issues in the upgrade sequence.
util/src/main/java/org/cryptomator/util/crypto/BiometricAuthCryptor.java (4)
40-42: Ensure key recreation aligns with CryptoMode.

The recreateKey method now includes CryptoMode, ensuring the correct key is recreated. Verify that this change is consistently applied wherever keys are recreated.

Verification successful

All recreateKey calls include CryptoMode.

The recreateKey method is called with the CryptoMode parameter in all instances found. This ensures consistent application of the change.

RemoveStoredVaultPasswordsAndDisableBiometricAuth.java calls recreateKey with CryptoMode.GCM.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify all calls to recreateKey are updated to include the CryptoMode parameter.

# Test: Search for the recreateKey method usage. Expect: All instances include the CryptoMode parameter.
rg --type java -A 2 $'recreateKey'
Length of output: 922
36-38: Update method calls to include CryptoMode.

The getInstance method now requires CryptoMode, which must be reflected in all method calls.

Verification successful

No calls to BiometricAuthCryptor.getInstance found.

The search did not reveal any calls to BiometricAuthCryptor.getInstance in the codebase, indicating that there are no instances that need updating to include the CryptoMode parameter.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify all calls to getInstance are updated to include the CryptoMode parameter.

# Test: Search for the getInstance method usage. Expect: All instances include the CryptoMode parameter.
rg --type java -A 2 $'getInstance'
Length of output: 5411

Script:
#!/bin/bash
# Description: Specifically search for calls to BiometricAuthCryptor.getInstance to verify inclusion of CryptoMode.

# Test: Search for BiometricAuthCryptor.getInstance method usage. Expect: All instances include the CryptoMode parameter.
rg --type java -A 2 $'BiometricAuthCryptor.getInstance'
Length of output: 462
22-28: Ensure correct initialization with CryptoMode.

The constructor now requires CryptoMode, which is used to determine the key alias and initialize the cipher. This change enhances flexibility but requires careful handling to ensure compatibility across different modes.

Verification successful

All instantiations of BiometricAuthCryptor are correctly updated with CryptoMode.

The search confirms that the only instantiation of BiometricAuthCryptor in the codebase includes the CryptoMode parameter, aligning with the updated constructor requirements. No further changes are needed.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify all calls to the BiometricAuthCryptor constructor are updated to include the CryptoMode parameter.

# Test: Search for the BiometricAuthCryptor instantiation. Expect: All instances include the CryptoMode parameter.
rg --type java -A 3 $'new BiometricAuthCryptor'
Length of output: 474

Script:
#!/bin/bash
# Search the entire codebase for any instantiation of BiometricAuthCryptor to ensure all include the CryptoMode parameter.
rg --type java 'new BiometricAuthCryptor'
Length of output: 172
61-62: Verify IV length handling.

The decryption method uses different IV lengths based on CryptoMode. Ensure that these lengths are correctly implemented and tested.
util/src/main/java/org/cryptomator/util/crypto/KeyStoreBuilder.java (3)
47-49: Ensure CryptoMode is used correctly in method signatures.

The withKey and withRecreatedKey methods now include CryptoMode, which affects key creation. Verify that this change is consistently applied and that the CryptoMode is used correctly within these methods.

Verification successful

CryptoMode Usage Verified in Method Signatures

The CryptoMode parameter is correctly used in the withKey and withRecreatedKey methods. It is passed to CryptoOperationsFactory.cryptoOperations(mode), ensuring that cryptographic operations are configured appropriately based on the specified mode.

KeyStoreBuilder.java lines 60-83: CryptoMode is used consistently in both methods.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify all calls to withKey and withRecreatedKey include the CryptoMode parameter.

# Test: Search for the withKey and withRecreatedKey method usage. Expect: All instances include the CryptoMode parameter.
rg --type java -A 3 $'with(Key|RecreatedKey)'
Length of output: 3590

Script:
#!/bin/bash
# Verify the internal usage of the CryptoMode parameter within the withKey and withRecreatedKey methods.
ast-grep --lang java --pattern $'public $_ withKey(String alias, boolean requireUserAuthentication, CryptoMode mode, Context context) {
  $$$
}' 

ast-grep --lang java --pattern $'public $_ withRecreatedKey(String alias, boolean requireUserAuthentication, CryptoMode mode, Context context) {
  $$$
}' 
Length of output: 2750
73-76: Validate key recreation logic with CryptoMode.

The withRecreatedKey method now uses CryptoMode to recreate keys. Ensure that the logic correctly handles different modes and that keys are recreated as expected.

Verification successful

Key recreation logic with CryptoMode is correctly implemented.

The cryptoOperations method in CryptoOperationsFactory handles different CryptoMode values by returning the appropriate CryptoOperations instance. This ensures that keys are recreated as expected in KeyStoreBuilder.java. The logic is correctly implemented and aligned with the intended functionality.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify CryptoOperationsFactory.cryptoOperations(mode) is correctly used to recreate keys.

# Test: Search for CryptoOperationsFactory usage. Expect: Correct recreation with mode parameter.
rg --type java $'CryptoOperationsFactory.cryptoOperations'
Length of output: 478

Script:
#!/bin/bash
# Search for the implementation of the cryptoOperations method in the CryptoOperationsFactory class.
ast-grep --lang java --pattern 'class CryptoOperationsFactory { $$$ cryptoOperations($_) { $$$ } $$$ }'
Length of output: 105

Script:
#!/bin/bash
# Use ripgrep to search for the definition of the cryptoOperations method in the CryptoOperationsFactory class.
rg --type java 'cryptoOperations' -A 10
Length of output: 7250
60-63: Check key creation logic with CryptoMode.

The withKey method now uses CryptoMode to initialize the key generator. Ensure that the logic correctly handles different modes and that the key generator is properly configured.

Verification successful

Key creation logic with CryptoMode is correctly implemented.

The withKey method in KeyStoreBuilder.java uses CryptoOperationsFactory.cryptoOperations(mode) to initialize the key generator and create the key. This ensures that each CryptoMode is handled properly, leveraging the specific implementations for CBC and GCM modes. The logic appears to be correctly configured to handle different modes.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify CryptoOperationsFactory.cryptoOperations(mode) is correctly used to initialize the key generator.

# Test: Search for CryptoOperationsFactory usage. Expect: Correct initialization with mode parameter.
rg --type java $'CryptoOperationsFactory.cryptoOperations'
Length of output: 478

Script:
#!/bin/bash
# Search for the implementation of the cryptoOperations method in CryptoOperationsFactory to understand its behavior.
ast-grep --lang java --pattern 'class CryptoOperationsFactory { $$$ cryptoOperations($_) { $$$ } $$$ }'
Length of output: 105

Script:
#!/bin/bash
# Search for all method definitions in the CryptoOperationsFactory class to locate cryptoOperations.
rg --type java 'class CryptoOperationsFactory' -A 50 | rg 'cryptoOperations'
Length of output: 1434

Script:
#!/bin/bash
# Search for the usage of the result from cryptoOperations(mode) in KeyStoreBuilder.java to verify key creation logic.
rg --type java 'CryptoOperationsFactory.cryptoOperations$mode$' -A 10 util/src/main/java/org/cryptomator/util/crypto/KeyStoreBuilder.java
Length of output: 806
data/src/main/java/org/cryptomator/data/db/entities/CloudEntity.java (2)

127-141: Check getter and setter methods for new fields.

The getter and setter methods for accessTokenCryptoMode and s3SecretKeyCryptoMode should be reviewed to ensure they are correctly implemented and used.

19-20: Ensure new fields are used appropriately.

The new fields accessTokenCryptoMode and s3SecretKeyCryptoMode have been added. Ensure these fields are correctly initialized and used throughout the class.

Also applies to: 33-34
presentation/src/main/java/org/cryptomator/presentation/ui/activity/UnlockVaultActivity.kt (1)
87-87: Verify Updated Method Signature Usage.

The withSavedPassword method now accepts two null parameters. Ensure that this usage aligns with the updated method signature and intended functionality across the codebase.

Verification successful

Confirm Method Signature and Usage Across Codebase

The withSavedPassword method is used consistently with both null and non-null parameters across the codebase, indicating that its design accommodates such flexibility. This usage aligns with the intended functionality.

Files with withSavedPassword usage:

BiometricAuthentication.kt

BiometricAuthenticationMigration.kt

UnlockVaultActivity.kt

BiometricAuthSettingsPresenter.kt

UnlockVaultPresenter.kt

The method's implementation should support null parameters, confirming the review comment's concern about verifying its usage.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify usage of the updated withSavedPassword method signature.

# Test: Search for instances of withSavedPassword. Expect: All instances match the updated signature.
rg --type kotlin -A 2 $'withSavedPassword'
Length of output: 3522
presentation/src/main/java/org/cryptomator/presentation/presenter/BiometricAuthSettingsPresenter.kt (3)

81-81: Ensure Correct Usage of CryptoMode.NONE.

The withSavedPassword method now uses CryptoMode.NONE. Verify that this usage is appropriate and aligns with the intended functionality for vault creation.

91-91: Ensure Dynamic Handling of CryptoMode.

The withSavedPassword method now dynamically uses tmpVault.passwordCryptoMode. Verify that this dynamic handling is correctly implemented and aligns with the intended functionality.

126-126: Verify Null Handling in Updated Method Signature.

The withSavedPassword method now accepts null for both parameters. Ensure that this usage aligns with the updated method signature and intended functionality across the codebase.
data/src/main/java/org/cryptomator/data/db/Upgrade12To13.kt (5)
27-54: Review SQL operations for correctness.

The addCryptoModeToDbEntities method performs several SQL operations. Ensure that the SQL statements are compatible with the database and that the data migration logic is correct. Verify that the new columns are correctly populated.

Verification successful

SQL Operations Verified for Correctness

The SQL operations in the addCryptoModeToDbEntities method are correctly implemented. The new columns ACCESS_TOKEN_CRYPTO_MODE and S3_SECRET_KEY_CRYPTO_MODE are properly added and populated with CryptoMode.GCM, as verified by existing test assertions.

The new columns are set in Upgrade12To13.kt and validated in UpgradeDatabaseTest.kt.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify SQL operations for correctness and compatibility.

# Test: Ensure that the new columns are correctly added and populated.
# Expect: Correct execution of SQL statements and data migration logic.
rg --type kotlin -A 5 'Sql\.(alterTable|createTable|insertInto|dropTable)'
Length of output: 32821

Script:
#!/bin/bash
# Description: Check for logic related to populating new columns ACCESS_TOKEN_CRYPTO_MODE and S3_SECRET_KEY_CRYPTO_MODE.

# Search for any references to the new columns in the Kotlin codebase.
rg --type kotlin 'ACCESS_TOKEN_CRYPTO_MODE|S3_SECRET_KEY_CRYPTO_MODE'
Length of output: 1275
56-87: Check foreign key constraints and index recreation.

The addPasswordCryptoModeToVaultDbEntity method includes foreign key constraints and index recreation. Verify that these constraints are correctly implemented and that the index is recreated as intended.

Verification successful

Foreign key constraints and index recreation are correctly implemented.

The addPasswordCryptoModeToVaultDbEntity method in Upgrade12To13.kt correctly implements the foreign key constraint with ON_DELETE_SET_NULL behavior and recreates the unique index as intended. No issues were found.

Foreign key constraint: FOLDER_CLOUD_ID references CLOUD_ENTITY with ON_DELETE_SET_NULL.

Unique index recreation: IDX_VAULT_ENTITY_FOLDER_PATH_FOLDER_CLOUD_ID on VAULT_ENTITY.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify foreign key constraints and index recreation.

# Test: Ensure foreign key constraints and index recreation are correctly implemented.
# Expect: Correct execution of SQL statements related to foreign keys and indexes.
rg --type kotlin -A 5 'Sql\.(foreignKey|createUniqueIndex)'
Length of output: 3246

Script:
#!/bin/bash
# Description: Verify foreign key constraints in Upgrade12To13.kt.

# Test: Ensure foreign key constraints are correctly implemented.
# Expect: Correct execution of SQL statements related to foreign keys.
rg --type kotlin 'foreignKey' -A 5 -B 5
Length of output: 7230
90-99: Validate password crypto mode application logic.

The applyVaultPasswordCryptoModeToDb method sets the PASSWORD_CRYPTO_MODE for non-null passwords. Ensure that this logic correctly updates the database and handles any edge cases.

Verification successful

Password Crypto Mode Application Logic Verified

The applyVaultPasswordCryptoModeToDb method correctly updates the PASSWORD_CRYPTO_MODE for entries with non-null passwords, setting it to CryptoMode.CBC. This is confirmed by the presence of relevant tests and the appropriate invocation within the database upgrade process.

The method is invoked correctly during the upgrade.

Tests validate the correct setting of PASSWORD_CRYPTO_MODE.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Validate password crypto mode application logic.

# Test: Ensure that PASSWORD_CRYPTO_MODE is correctly set for non-null passwords.
# Expect: Correct execution of SQL update statements.
rg --type kotlin -A 5 'Sql\.update$"VAULT_ENTITY"$'
Length of output: 1682

Script:
#!/bin/bash
# Search for the definition of CryptoMode.CBC
rg --type kotlin 'CryptoMode.CBC' -A 3

# Find invocations of applyVaultPasswordCryptoModeToDb in the codebase
rg --type kotlin 'applyVaultPasswordCryptoModeToDb'
Length of output: 4709
125-129: Review re-encryption method for correctness.

The reEncrypt method decrypts using CBC and encrypts using GCM. Ensure that the cryptographic operations are correctly implemented and secure.

101-122: Ensure correct re-encryption logic.

The upgradeCloudCryptoModeToGCM method re-encrypts data from CBC to GCM mode. Verify that the re-encryption logic is correct and that the reEncrypt method handles all necessary cases.

Verification successful

Re-encryption Logic Verified

The upgradeCloudCryptoModeToGCM method's re-encryption logic is correctly implemented. The CredentialCryptor class utilizes specific cipher implementations for each encryption mode, ensuring proper handling of the transition from CBC to GCM. The Cipher interface and its implementations (CipherGCM and CipherCBC) confirm that the encryption and decryption processes are managed appropriately.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Ensure correct re-encryption logic.

# Test: Verify re-encryption logic from CBC to GCM mode.
# Expect: Correct execution of re-encryption logic.
rg --type kotlin -A 5 'reEncrypt\('
Length of output: 1945

Script:
#!/bin/bash
# Locate the CredentialCryptor class and examine its decrypt and encrypt methods.
ast-grep --lang kotlin --pattern 'class CredentialCryptor {
  $$$
  fun decrypt($_): $_ {
    $$$
  }
  $$$
  fun encrypt($_): $_ {
    $$$
  }
  $$$
}'
Length of output: 154

Script:
#!/bin/bash
# Search for any Kotlin classes related to encryption or decryption.
ast-grep --lang kotlin --pattern 'class $_ {
  $$$
  fun decrypt($_): $_ {
    $$$
  }
  $$$
  fun encrypt($_): $_ {
    $$$
  }
  $$$
}'

# Check for imports in Upgrade12To13.kt that might indicate where CredentialCryptor is defined.
rg '^import ' data/src/main/java/org/cryptomator/data/db/Upgrade12To13.kt
Length of output: 529

Script:
#!/bin/bash
# Search for the CredentialCryptor class within the org.cryptomator.util.crypto package.
rg 'class CredentialCryptor' --type kotlin --type java --context 10

# Search for decrypt and encrypt methods within the org.cryptomator.util.crypto package.
rg 'fun decrypt|fun encrypt' --type kotlin --type java --context 5
Length of output: 38661

Script:
#!/bin/bash
# Examine the CredentialCryptor.java file for inheritance or interface implementation.
rg 'class CredentialCryptor' -A 15 util/src/main/java/org/cryptomator/util/crypto/CredentialCryptor.java

# Search for any interfaces or superclasses that might define decrypt and encrypt methods.
rg 'interface |class ' -A 10 util/src/main/java/org/cryptomator/util/crypto/
Length of output: 18573
domain/src/main/java/org/cryptomator/domain/Vault.java (6)

Line range hint 17-30: Ensure consistency with new field addition.

The addition of the passwordCryptoMode field is well integrated into the Vault class. Ensure that all usages of the Vault class correctly handle this new field.

82-84: Access method for new field is correctly implemented.

The getPasswordCryptoMode method provides access to the new field. Ensure that this method is used appropriately throughout the codebase.

131-131: Builder pattern updated with new field.

The passwordCryptoMode field is included in the builder pattern. Ensure that this field is correctly handled in all builder instances.

195-197: Builder method correctly assigns new field.

The withSavedPassword method correctly assigns the passwordCryptoMode. Ensure that this assignment logic is used consistently.

237-242: Validation logic ensures consistency.

The validation logic checks for consistency between password and passwordCryptoMode. This is a good practice to prevent inconsistent states.

48-48: Verify builder method updates.

The withSavedPassword method in the builder now includes passwordCryptoMode. Ensure that all calls to this method are updated to pass the correct CryptoMode.

data/src/main/java/org/cryptomator/data/db/entities/VaultEntity.java (2)

31-31: New field added for password crypto mode.

The passwordCryptoMode field is added to the VaultEntity class. Ensure that this field is correctly initialized and used within the application.

213-219: Getter and setter methods for new field.

The getPasswordCryptoMode and setPasswordCryptoMode methods provide access to the new field. Ensure these methods are used appropriately to maintain encapsulation.
data/build.gradle (1)
93-93: Verify database migration logic for schema version update.

The schema version has been updated from 12 to 13. Ensure that the corresponding migration scripts or logic are implemented to handle this update.

Verification successful

Database migration logic for schema version 13 is implemented and tested.

The migration logic for updating the schema from version 12 to 13 is present in the file Upgrade12To13.kt. Additionally, there is a test function upgrade12To13 in UpgradeDatabaseTest.kt, indicating that the migration logic is being tested. This confirms that the necessary updates have been made to handle the schema version change.

data/src/main/java/org/cryptomator/data/db/Upgrade12To13.kt

data/src/androidTest/java/org/cryptomator/data/db/UpgradeDatabaseTest.kt
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify that migration logic for schema version 13 is implemented.

# Test: Search for migration scripts or logic related to schema version 13.
# Expect: Migration logic or scripts for schema version 13 should be present.
rg --type kotlin "schemaVersion.*13"
Length of output: 38

Script:
#!/bin/bash
# Searching for migration-related classes or methods that might handle schema version updates.
ast-grep --lang kotlin --pattern 'class $_ : Migration { $$$ }'

# Searching for any method or function that might be related to database migration.
rg --type kotlin 'migrate|upgrade|updateSchema|onUpgrade' -A 5
Length of output: 14461
presentation/src/main/java/org/cryptomator/presentation/util/BiometricAuthenticationMigration.kt (7)
93-141: Review biometric authentication handling.

The handleBiometricAuthentication method manages biometric authentication. Ensure all potential exceptions are handled and the logic is robust.

33-46: Check the migration process logic.

The migrateVaultsPassword method initiates the migration process. Verify that the logic correctly handles all vaults and transitions between decryption and encryption.

Verification successful

Vault Processing Logic Verified

The migrateVaultsPassword method correctly processes all vaults through the processNextVault function. It handles transitions between decryption and encryption using a queue and lists, ensuring all vaults are processed sequentially. The logic appears to be implemented correctly.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify the logic in `migrateVaultsPassword`.

# Test: Ensure that the method processes all vaults correctly.
# Expect: Correct handling of decryption and encryption transitions.
rg --type kotlin "migrateVaultsPassword"
Length of output: 392

Script:
#!/bin/bash
# Search for the implementation of `processNextVault` to understand the logic of vault processing.
ast-grep --lang kotlin --pattern 'fun processNextVault($_, $_, $_, $_, $_) { $$$ }'
Length of output: 85

Script:
#!/bin/bash
# Search for any references or similar functions related to `processNextVault` in the codebase.
rg "processNextVault" -A 10
Length of output: 5399
24-29: Review callback interface for completeness.

The Callback interface defines methods for handling the migration process. Ensure all necessary events are covered and handled appropriately in the implementation.

Verification successful

The Callback interface is fully implemented. The VaultListActivity.kt file implements all methods of the Callback interface, ensuring that the necessary events are covered. No further action is required.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify the implementation of the `Callback` interface.

# Test: Search for classes implementing the `Callback` interface.
# Expect: All methods of the interface should be implemented.
ast-grep --lang kotlin --pattern $'class $_ : BiometricAuthenticationMigration.Callback { $$$ }'
Length of output: 97

Script:
#!/bin/bash
# Search for Kotlin files that implement the `Callback` interface.
fd -e kt | xargs grep -l 'BiometricAuthenticationMigration.Callback' | xargs -I {} echo "File: {}"

# Check each implementation to verify all methods are implemented.
fd -e kt | xargs grep -A 10 'class .*: BiometricAuthenticationMigration.Callback'
Length of output: 279

Script:
#!/bin/bash
# Check the implementation of the Callback interface in VaultListActivity.kt
grep -A 10 'class .*: BiometricAuthenticationMigration.Callback' presentation/src/main/java/org/cryptomator/presentation/ui/activity/VaultListActivity.kt

# Verify if all methods of the Callback interface are implemented in VaultListActivity.kt
grep -E 'fun onBiometricAuthenticationMigrationFinished|fun onBiometricAuthenticationFailed|fun onBiometricKeyInvalidated' presentation/src/main/java/org/cryptomator/presentation/ui/activity/VaultListActivity.kt
Length of output: 596
59-63: Ensure safe removal of biometric fragments.

The removeBiometricFragmentFromStack method removes biometric fragments. Ensure this operation is safe and does not disrupt the fragment lifecycle.

20-22: Ensure proper initialization of BiometricAuthenticationMigration.

The constructor parameters callback, context, and useConfirmationInFaceUnlockAuth are crucial for the class's operation. Ensure these are correctly initialized and passed when the class is instantiated.

Verification successful

Initialization of BiometricAuthenticationMigration is correct.

The constructor parameters callback, context, and useConfirmationInFaceUnlockAuth are properly initialized and passed in VaultListActivity. The context() method returns a valid Context, and the boolean value is correctly retrieved from SharedPreferencesHandler.

VaultListActivity extends BaseActivity, providing a valid Context.

context() method is correctly overridden in BaseActivity.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify the initialization of `BiometricAuthenticationMigration`.

# Test: Search for instances where `BiometricAuthenticationMigration` is instantiated.
# Expect: Correct initialization with valid parameters.
rg --type kotlin "BiometricAuthenticationMigration"
Length of output: 1443

Script:
#!/bin/bash
# Check the definition and context of `this` in `VaultListActivity`.
ast-grep --lang kotlin --pattern $'class VaultListActivity { $$$ }'

# Verify the `context()` method in `VaultListActivity`.
ast-grep --lang kotlin --pattern 'fun context() { $$$ }'

# Inspect the method `useConfirmationInFaceUnlockBiometricAuthentication` in sharedPreferencesHandler.
rg --type kotlin 'fun useConfirmationInFaceUnlockBiometricAuthentication'
Length of output: 499

Script:
#!/bin/bash
# Search for the definition of `VaultListActivity` class more broadly.
rg --type kotlin 'class VaultListActivity'

# Search for the `context()` method definition more broadly.
rg --type kotlin 'fun context'
Length of output: 794
65-77: Validate decryption logic using CBC.

The decryptUsingCbc method handles decryption. Ensure the decryption logic is secure and handles errors appropriately.

Verification successful

Decryption Logic Using CBC Verified

The decryptUsingCbc method in BiometricAuthenticationMigration.kt securely handles decryption using CBC mode and includes appropriate error handling for cryptographic exceptions. The implementation leverages BiometricAuthCryptor and manages errors like BadPaddingException effectively. No issues found.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify the decryption logic in `decryptUsingCbc`.

# Test: Ensure secure and error-free decryption.
# Expect: Correct decryption logic with error handling.
rg --type kotlin "decryptUsingCbc"
Length of output: 399

Script:
#!/bin/bash
# Search for the definition of `handleBiometricAuthentication` to examine its implementation.
ast-grep --lang kotlin --pattern 'fun handleBiometricAuthentication($_, $_, $_, $_, $_, $_) { $$$ }'
Length of output: 102

Script:
#!/bin/bash
# Search for the definition of `handleBiometricAuthentication` across all Kotlin files.
rg --type kotlin "handleBiometricAuthentication"
Length of output: 731

Script:
#!/bin/bash
# Extract the implementation of `handleBiometricAuthentication` to analyze its logic.
ast-grep --lang kotlin --pattern 'private fun handleBiometricAuthentication($_, $_, $_, $_, $_, $_) { $$$ }'
Length of output: 110

Script:
#!/bin/bash
# Extract lines around the definition of `handleBiometricAuthentication` to analyze its implementation.
rg --type kotlin -A 20 "private fun handleBiometricAuthentication" presentation/src/main/java/org/cryptomator/presentation/util/BiometricAuthenticationMigration.kt
Length of output: 1273
79-91: Validate encryption logic using GCM.

The encryptUsingGcm method handles encryption. Ensure the encryption logic is secure and handles errors appropriately.
presentation/src/main/java/org/cryptomator/presentation/ui/activity/VaultListActivity.kt (4)
56-57: Ensure correct initialization of biometricAuthenticationMigration.

The biometricAuthenticationMigration property is crucial for the migration process. Verify its correct initialization and usage.

Verification successful

Initialization of biometricAuthenticationMigration is correct.

The biometricAuthenticationMigration variable is properly initialized in the migrateCBCEncryptedPasswordVaults method before it is used. This ensures that it is correctly set up for its intended operations.

The initialization and usage are contained within the same method, which guarantees that it is ready before being used.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify the initialization and usage of `biometricAuthenticationMigration`.

# Test: Search for all usages of `biometricAuthenticationMigration`.
# Expect: Correct initialization and usage throughout the class.
rg --type kotlin "biometricAuthenticationMigration"
Length of output: 985

Script:
#!/bin/bash
# Check the order of execution for `biometricAuthenticationMigration` initialization and usage in VaultListActivity.kt
rg --type kotlin "fun " -A 5 presentation/src/main/java/org/cryptomator/presentation/ui/activity/VaultListActivity.kt
Length of output: 6091
237-243: Check event handling for CBC password vaults migration.

The methods onCBCPasswordVaultsMigrationClicked and onCBCPasswordVaultsMigrationRejected handle user interactions. Ensure these methods correctly trigger the associated presenter actions.

Verification successful

Event handling for CBC password vaults migration is correctly implemented. The VaultListActivity class properly implements the callback interface, and the presenter methods are correctly triggered. No issues found with the current implementation.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify event handling for CBC password vaults migration.

# Test: Ensure correct interaction with the presenter.
# Expect: Proper triggering of presenter actions.
rg --type kotlin "onCBCPasswordVaultsMigration"
Length of output: 1279

Script:
#!/bin/bash
# Check for the implementation of the callback interface in VaultListActivity
rg --type kotlin "class VaultListActivity" -A 10

# Check for the definition and usage of presenter methods in VaultListActivity
rg --type kotlin "vaultListPresenter.cBCPasswordVaultsMigrationClicked"
rg --type kotlin "vaultListPresenter.cBCPasswordVaultsMigrationRejected"
Length of output: 1894
245-255: Validate biometric authentication callbacks.

The methods onBiometricAuthenticationMigrationFinished, onBiometricAuthenticationFailed, and onBiometricKeyInvalidated handle biometric authentication events. Ensure these methods correctly interact with the presenter.

Verification successful

Biometric authentication callbacks are correctly interacting with the presenter.

The methods onBiometricAuthenticationMigrationFinished, onBiometricAuthenticationFailed, and onBiometricKeyInvalidated in VaultListActivity correctly forward the biometric authentication events to the vaultListPresenter.

onBiometricAuthenticationMigrationFinished calls vaultListPresenter.biometricAuthenticationMigrationFinished(vaults).

onBiometricAuthenticationFailed calls vaultListPresenter.biometricAuthenticationFailed(vaults).

onBiometricKeyInvalidated calls vaultListPresenter.biometricKeyInvalidated(vaults).

These interactions ensure that the presenter is notified of the biometric authentication events as expected.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify biometric authentication callbacks.

# Test: Ensure correct interaction with the presenter.
# Expect: Proper handling and triggering of presenter actions.
rg --type kotlin "onBiometricAuthentication"
Length of output: 1798

Script:
#!/bin/bash
# Extract the implementation of the biometric authentication methods in VaultListActivity to verify interaction with the presenter.
ast-grep --lang kotlin --pattern $'class VaultListActivity {
  $$$
  override fun onBiometricAuthenticationMigrationFinished(vaults: List<VaultModel>) {
    $$$
  }
  $$$
  override fun onBiometricAuthenticationFailed(vaults: List<VaultModel>) {
    $$$
  }
  $$$
  override fun onBiometricKeyInvalidated(vaults: List<VaultModel>) {
    $$$
  }
  $$$
}' 
Length of output: 354

Script:
#!/bin/bash
# Use rg to extract the implementation of biometric authentication methods in VaultListActivity.kt to verify interaction with the presenter.
rg --type kotlin "override fun onBiometricAuthentication" -A 5 presentation/src/main/java/org/cryptomator/presentation/ui/activity/VaultListActivity.kt
Length of output: 570
135-138: Review the migration logic for CBC encrypted passwords.

The migrateCBCEncryptedPasswordVaults method initiates the migration process. Ensure the logic correctly handles the migration and integrates with the biometric authentication.

Verification successful

Migration logic for CBC encrypted passwords is correctly implemented. The BiometricAuthenticationMigration class effectively handles the migration process, transitioning from CBC to GCM encryption while managing biometric authentication and exceptions appropriately.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify the logic in `migrateCBCEncryptedPasswordVaults`.

# Test: Ensure the method correctly handles the migration process.
# Expect: Correct logic and integration with biometric authentication.
rg --type kotlin "migrateCBCEncryptedPasswordVaults"
Length of output: 515

Script:
#!/bin/bash
# Search for the implementation of BiometricAuthenticationMigration
ast-grep --lang kotlin --pattern 'class BiometricAuthenticationMigration { $$$ }'

# Search for the usage of migrateCBCEncryptedPasswordVaults in VaultListPresenter
rg --type kotlin 'migrateCBCEncryptedPasswordVaults' -A 5

# Search for the usage of migrateCBCEncryptedPasswordVaults in VaultListView
rg --type kotlin 'migrateCBCEncryptedPasswordVaults' -A 5
Length of output: 4177

Script:
#!/bin/bash
# Locate the file containing the BiometricAuthenticationMigration class to examine its implementation.
fd 'BiometricAuthenticationMigration.kt'
Length of output: 137

Script:
#!/bin/bash
# Display the contents of BiometricAuthenticationMigration.kt to review its implementation.
cat presentation/src/main/java/org/cryptomator/presentation/util/BiometricAuthenticationMigration.kt
Length of output: 6800
presentation/src/test/java/org/cryptomator/presentation/presenter/VaultListPresenterTest.java (3)

18-24: Add missing imports for new use cases.

The new use cases ListCBCEncryptedPasswordVaultsUseCase, RemoveStoredVaultPasswordsUseCase, and SaveVaultsUseCase have been imported correctly. Ensure that these imports are necessary and used in the test cases.

137-139: Confirm the integration of new use cases in the setup method.

The setup method now includes the new use cases. Ensure that the integration is correct and that these use cases are properly initialized for the tests.

111-113: Ensure mock objects are used in test cases.

The mock objects for ListCBCEncryptedPasswordVaultsUseCase, RemoveStoredVaultPasswordsUseCase, and SaveVaultsUseCase have been instantiated. Verify that these mocks are utilized in the test methods to cover the new functionality.

data/src/main/java/org/cryptomator/data/db/Sql.java (1)

68-70: Verify the correctness of the isNotNull() method.

The isNotNull() method is correctly implemented to append a SQL condition checking for non-null values. Ensure that this method is tested and used appropriately in query construction.

presentation/src/main/java/org/cryptomator/presentation/presenter/UnlockVaultPresenter.kt (4)

18-18: Update import for renamed use case.

The import for RemoveStoredVaultPasswordsAndDisableBiometricAuthUseCase reflects the enhanced functionality of the use case. Ensure that all references to this use case are updated throughout the code.

50-50: Ensure consistency with renamed use case.

The constructor now uses removeStoredVaultPasswordsAndDisableBiometricAuthUseCase. Verify that all references to this use case are updated and consistent with the new functionality.

Line range hint 308-314: Verify the logic in onBiometricKeyInvalidated().

The method now calls removeStoredVaultPasswordsAndDisableBiometricAuthUseCase. Ensure that this change aligns with the intended functionality and that error handling is robust.

357-359: Check the use of CryptoMode.GCM in password saving.

The addition of CryptoMode.GCM in withSavedPassword enhances encryption. Verify that this change is consistent with the application's cryptographic strategy and that it is tested.

fastlane/Fastfile (3)

369-385: Conditional checks for verifyOnly enhance flexibility.

The addition of conditional checks for options[:verifyOnly] allows for more flexible execution paths, enabling verification-only runs without modifying APKs. This is a useful enhancement.

374-377: Explicit handling of APK types improves organization.

The explicit handling of different APK types ensures consistency in managing APK files. Verify that all APK types are correctly managed and copied to their respective directories.

298-298: Verify the impact of removing user ID and group ID specifications.

The removal of user ID and group ID from the Docker run command simplifies the command but may affect permissions. Ensure that this change does not impact the execution context negatively.
presentation/src/main/java/org/cryptomator/presentation/presenter/VaultListPresenter.kt (4)
88-90: Integration of new use cases for CBC encrypted vaults.

The new use cases for managing CBC encrypted vaults are properly injected into the constructor, facilitating their use within the class.

257-302: Methods for handling user interactions with CBC vaults.

The methods effectively manage user interactions related to CBC vault migration and password management, enhancing the user experience.

420-445: Enhanced logic in startVaultAction for CBC vaults.

The method now includes checks for CBC encrypted vaults, ensuring that migration dialogs are triggered when necessary. This enhances the action flow based on vault state.

246-255: Method checkCBCEncryptedVaults ensures vault migration checks.

The method retrieves CBC encrypted vaults and prompts migration if necessary. Ensure that it is correctly invoked and functions as intended.

Verification successful

Invocation of checkCBCEncryptedVaults confirmed.

The method checkCBCEncryptedVaults is invoked within the VaultListPresenter.kt file. Ensure that its usage aligns with the intended functionality and check if additional context or dependencies might affect its behavior.

Invocation found in VaultListPresenter.kt.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify the invocation and functionality of `checkCBCEncryptedVaults`.

# Test: Search for invocations of `checkCBCEncryptedVaults`.
# Expect: The method should be invoked where necessary.

# Search for method invocations
ast-grep --lang kotlin --pattern $'fun checkCBCEncryptedVaults() {
  $$$
}'
Length of output: 76

Script:
#!/bin/bash
# Search for invocations of the `checkCBCEncryptedVaults` method in the codebase.
rg 'checkCBCEncryptedVaults' --glob '*.kt' -A 2
Length of output: 749
data/src/androidTest/java/org/cryptomator/data/db/UpgradeDatabaseTest.kt (1)

648-763: Comprehensive test for upgrade from version 12 to 13.

The upgrade12To13 method effectively tests the database upgrade process, including encryption handling. Ensure that the test is executed and passes successfully.

presentation/src/main/res/values/strings.xml (7)

522-522: LGTM! Title string is clear.

The string effectively communicates the requirement for vault password migration.

523-523: LGTM! Hint string is informative.

The string provides a clear explanation of the migration process and its implications.

524-524: LGTM! Action label is appropriate.

The label "Migrate" clearly indicates the action to be taken.

525-525: LGTM! Reference and non-translatable use are correct.

The string correctly references another string for the cancel action and is appropriately marked as non-translatable.

568-568: LGTM! Reference and non-translatable use are correct.

The string correctly references another string for the biometric authentication title and is appropriately marked as non-translatable.

569-569: LGTM! Reference and non-translatable use are correct.

The string correctly references another string for the biometric authentication message and is appropriately marked as non-translatable.

570-570: LGTM! Reference and non-translatable use are correct.

The string correctly references another string for the option to use a password and is appropriately marked as non-translatable.

util/src/main/java/org/cryptomator/util/crypto/CryptoOperationsCBC.java (3)

16-19: Refactored class name and constants improve clarity and maintainability.

The renaming of the class to CryptoOperationsCBC and the introduction of constants for block mode and padding are positive changes that enhance the code's readability and maintainability.

23-28: Use of constants in cryptor method enhances code clarity.

The method now uses predefined constants for encryption block mode and padding, improving readability and reducing potential errors.

40-48: Initialization of KeyGenerator with constants improves consistency.

The method now uses constants for block modes and encryption paddings, enhancing consistency and reducing error potential.

util/src/main/java/org/cryptomator/util/crypto/BaseCipher.java (6)

11-20: Refactoring to abstract class with ivLength parameter enhances flexibility.

The class refactor to an abstract class with an ivLength parameter allows for more flexible IV handling and improves the design.

23-23: Abstract method getIvParameterSpec enhances extensibility.

The introduction of this abstract method allows subclasses to implement custom IV handling, improving the class's extensibility.

30-30: Use of CryptoByteArrayUtils.join in encrypt method improves maintainability.

The method now uses a utility function to combine encrypted data with the IV, enhancing code readability and maintainability.

40-41: Refactored decrypt method enhances consistency and flexibility.

The method now uses CryptoByteArrayUtils.getBytes and an abstract method for IV specification, improving consistency and flexibility.

52-52: Use of abstract method in getDecryptCipher enhances flexibility.

The method now uses an abstract method for IV specification, allowing for custom IV handling strategies.

64-65: Use of ivLength parameter in getIv method improves adaptability.

The method now uses the ivLength parameter, enhancing adaptability to different IV lengths.

...ion/src/main/java/org/cryptomator/presentation/ui/dialog/CBCPasswordVaultsMigrationDialog.kt

util/src/main/java/org/cryptomator/util/crypto/CryptoByteArrayUtils.java

coderabbitai

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 827f35d and 8b0a6dc.

Files selected for processing (2)

presentation/src/main/java/org/cryptomator/presentation/ui/dialog/CBCPasswordVaultsMigrationDialog.kt (1 hunks)
util/src/main/java/org/cryptomator/util/crypto/CryptoByteArrayUtils.java (1 hunks)

Files skipped from review as they are similar to previous changes (2)

presentation/src/main/java/org/cryptomator/presentation/ui/dialog/CBCPasswordVaultsMigrationDialog.kt
util/src/main/java/org/cryptomator/util/crypto/CryptoByteArrayUtils.java

coderabbitai

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 8b0a6dc and 7a7f477.

Files selected for processing (3)

data/src/androidTest/java/org/cryptomator/data/db/UpgradeDatabaseTest.kt (2 hunks)
data/src/main/java/org/cryptomator/data/db/Upgrade12To13.kt (1 hunks)
data/src/main/java/org/cryptomator/data/db/mappers/CloudEntityMapper.java (2 hunks)

Files skipped from review as they are similar to previous changes (2)

data/src/androidTest/java/org/cryptomator/data/db/UpgradeDatabaseTest.kt
data/src/main/java/org/cryptomator/data/db/Upgrade12To13.kt

Additional comments not posted (2)

data/src/main/java/org/cryptomator/data/db/mappers/CloudEntityMapper.java (2)
103-103: LGTM! Verify the usage of rootUri().

The change is consistent with treating the root URI as a URL. Ensure that rootUri() in LocalStorageCloud is correctly implemented and used consistently across the codebase.

Verification successful

Usage of rootUri() is consistent across the codebase.

The rootUri() method in LocalStorageCloud is used consistently in various parts of the codebase, confirming its correct implementation and usage. No further action is needed.

LocalStorageCloud.java: Method definition and usage.

CloudEntityMapper.java: Used to set the URL.

LocalStorageContentRepositoryFactory.java: Used in a conditional check.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify the usage of `rootUri()` method in the codebase.

# Test: Search for the `rootUri` method usage. Expect: Consistent usage across the codebase.
rg --type java 'rootUri'
Length of output: 1141
51-51: LGTM! Verify the usage of entity.getUrl().

The change aligns with the updated semantics of treating the root URI as a URL. Ensure that entity.getUrl() is correctly implemented and used consistently across the codebase.

Verification successful

Consistent Usage of getUrl() Verified

The getUrl() method is consistently used in CloudEntityMapper.java for setting URLs in various configurations. It is defined in CloudEntity.java, returning a String, which aligns with its usage across the codebase. No inconsistencies found.

CloudEntityMapper.java: Usage in methods like withRootUri, withUrl, withS3Endpoint.

CloudEntity.java: Definition of getUrl() method.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify the usage of `getUrl()` method in the codebase.

# Test: Search for the `getUrl` method usage. Expect: Consistent usage across the codebase.
rg --type java 'getUrl'
Length of output: 1745

JaniruTEC

While I can't say much about the changes in the org.cryptomator.util.crypto package, this looks good to me. I just have a few questions/suggestions.

data/src/main/java/org/cryptomator/data/db/Upgrade12To13.kt

fastlane/README.md

presentation/src/main/java/org/cryptomator/presentation/presenter/VaultListPresenter.kt

presentation/src/main/java/org/cryptomator/presentation/ui/activity/VaultListActivity.kt

...entation/src/main/java/org/cryptomator/presentation/util/BiometricAuthenticationMigration.kt

util/src/main/java/org/cryptomator/util/crypto/BiometricAuthCryptor.java

util/src/main/java/org/cryptomator/util/crypto/CredentialCryptor.java

util/src/main/java/org/cryptomator/util/crypto/CryptoOperationsFactory.java

Added missing fields defined by upstream v13 to "CloudEntity", "VaultEntity" and "AutoMigration14To15" Added room-generated database schema for v15 as "15.json" Moved "Upgrade12To13" and made it runnable Replaced calls in "Upgrade12To13" with matching "pre15"-calls Added "Upgrade12To13" to migration path in "DatabaseModule" -- About this commit, as well as 4aa1c90 and c9a0d3d: A new database version (13) introduced in the upstream by ac5f3ff/#547 [1] (merged into develop by 7a37c03) needs to be merged into the "feature/dao-migration"-branch used for working on #506 [2]. 4aa1c90 prepared the merge by bumping the versions defined by "feature/dao-migration" from 13 (l12-v1-r2-13) and 14 (l12-v2-r3-14) to 14 (l13-v1-r1-14) and 15 (l13-v2-r1-15). l13-v1-r1-14 supersedes l12-v1-r2-13 and l13-v2-r1-15 supersedes l12-v2-r3-14 by applying the changes introduced by the upstream v13. The relation between l13-v1-r1-14 and l13-v2-r1-15 is the same as between l12-v1-r2-13 and l12-v2-r3-14, i.e. the changes introduced by the upstream v13 are handled according to the semantics defined by that relation. 4aa1c90 deleted "13.json" (was l12-v1-r2-13) and replaced the content of "14.json" (was l12-v2-r3-14) with l13-v1-r1-14, which is the version that supersedes l12-v1-r2-13. It therefore changes the migration path from [...] -> v12 -> v13 (l12-v1-r2-13) -> v14 (l12-v2-r3-14) to [...] -> v12 -> [Not yet merged upstream v13] -> v14 (l13-v1-r1-14) -> v15 (l13-v2-r1-15). c9a0d3d merged the upstream v13 (c970438) into 4aa1c90 and made the migration path continuous again: [...] -> v12 -> upstream v13 -> v14 (l13-v1-r1-14) -> v15 (l13-v2-r1-15) This commit finishes this merge for the production source. It adds "15.json" with l13-v2-r1-15 as its content, which is the version that supersedes l12-v2-r3-14. Therefore "13.json" (l12-v1-r2-13) and "14.json" (l12-v2-r3-14) are superseded by "14.json" (l13-v1-r1-14) and "15.json" (l13-v2-r1-15) respectively. It also applies l13-v2-r1-15 to "CloudEntity" and "VaultEntity", as well as "AutoMigration14To15". [1] #547 [2] #506 Version definitions: l12-v1-r2-13: e1bd29a l12-v2-r3-14: 23887b4 l13-v1-r1-14: 9536283 l13-v2-r1-15: 074c77d

SailReal added 6 commits July 30, 2024 08:08

Support GCM as credentials cryptor

bd7d324

Migrate access tokens to GCM

ac5f3ff

WIP vault password gcm migration

5af0cdb

Add workaround to show multiple biometric auth promots from within th…

89b8aa6

…e same Activity

Merge branch 'develop' into feature/migrate-to-gcm

d4a279d

Run fluidattacks lane during dryRun as well

827f35d

coderabbitai bot reviewed Aug 13, 2024

View reviewed changes

...ion/src/main/java/org/cryptomator/presentation/ui/dialog/CBCPasswordVaultsMigrationDialog.kt Outdated Show resolved Hide resolved

util/src/main/java/org/cryptomator/util/crypto/CryptoByteArrayUtils.java Outdated Show resolved Hide resolved

Apply code review suggestions

8b0a6dc

SailReal requested a review from JaniruTEC August 13, 2024 14:04

coderabbitai bot reviewed Aug 13, 2024

View reviewed changes

Store local storage URL in URL property of the cloud entity

7a7f477

coderabbitai bot reviewed Aug 14, 2024

View reviewed changes

SailReal removed the request for review from JaniruTEC August 14, 2024 09:48

SailReal merged commit 7a37c03 into develop Aug 14, 2024
2 checks passed

SailReal deleted the feature/migrate-to-gcm branch August 14, 2024 09:48

JaniruTEC reviewed Aug 19, 2024

View reviewed changes

coderabbitai bot mentioned this pull request Sep 9, 2024

Thumbnail support #533

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Migrate vault passwords to GCM #547

Migrate vault passwords to GCM #547

SailReal commented Aug 13, 2024 •

edited

Loading

coderabbitai bot commented Aug 13, 2024 •

edited

Loading

Chat

CodeRabbit Commands (invoked as PR comments)

CodeRabbit Configuration File (`.coderabbit.yaml`)

Documentation and Community

coderabbitai bot left a comment

coderabbitai bot left a comment

coderabbitai bot left a comment

JaniruTEC left a comment

Migrate vault passwords to GCM #547

Migrate vault passwords to GCM #547

Conversation

SailReal commented Aug 13, 2024 • edited Loading

Key Changes

Security Considerations

Conclusion

coderabbitai bot commented Aug 13, 2024 • edited Loading

Walkthrough

Changes

Chat

CodeRabbit Commands (invoked as PR comments)

CodeRabbit Configuration File (.coderabbit.yaml)

Documentation and Community

coderabbitai bot left a comment

Choose a reason for hiding this comment

coderabbitai bot left a comment

Choose a reason for hiding this comment

coderabbitai bot left a comment

Choose a reason for hiding this comment

JaniruTEC left a comment

Choose a reason for hiding this comment

SailReal commented Aug 13, 2024 •

edited

Loading

coderabbitai bot commented Aug 13, 2024 •

edited

Loading

CodeRabbit Configuration File (`.coderabbit.yaml`)